commit 3c326f969768ad13e8d5aa35f84f09db3a1b5e3b
author Przemek Stekiel <przemyslaw.stekiel@mobica.com> Tue Jul 05 22:14:34 2022 +0200
committer Ronald Cron <ronald.cron@arm.com> Thu Sep 15 14:16:11 2022 +0200
tree 53f6eb18e0926a2a265f1111f2217a654c673bcf
parent b40f2e81ecc14371ad1c10218e38e83a67666c95

Add function to convert sig_alg to psa alg and use it

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 1dd7fdc..e351a24 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -927,6 +927,40 @@
     return( 0 );
 }
 
+static psa_algorithm_t ssl_tls13_select_sig_alg_to_psa_alg( uint16_t sig_alg )
+{
+    psa_algorithm_t psa_alg = 0;
+    switch( sig_alg )
+    {
+        case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
+            psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
+            break;
+        case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
+            psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_384 );
+            break;
+        case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
+            psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_512 );
+            break;
+        case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
+            psa_alg = PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 );
+            break;
+        case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
+            psa_alg = PSA_ALG_RSA_PSS( PSA_ALG_SHA_384 );
+            break;
+        case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
+            psa_alg = PSA_ALG_RSA_PSS( PSA_ALG_SHA_512 );
+            break;
+        case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256:
+        case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384:
+        case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512:
+            psa_alg = PSA_ALG_RSA_PKCS1V15_CRYPT;
+            break;
+        default:
+            break;
+    }
+    return( psa_alg );
+}
+
 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_select_sig_alg_for_certificate_verify(
                                           mbedtls_ssl_context *ssl,
@@ -939,34 +973,7 @@
     *algorithm = MBEDTLS_TLS1_3_SIG_NONE;
     for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; sig_alg++ )
     {
-        switch( *sig_alg )
-        {
-            case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
-                psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
-                break;
-            case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
-                psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_384 );
-                break;
-            case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
-                psa_alg = PSA_ALG_ECDSA( PSA_ALG_SHA_512 );
-                break;
-            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
-                psa_alg = PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 );
-                break;
-            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
-                psa_alg = PSA_ALG_RSA_PSS( PSA_ALG_SHA_384 );
-                break;
-            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
-                psa_alg = PSA_ALG_RSA_PSS( PSA_ALG_SHA_512 );
-                break;
-            case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256:
-            case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384:
-            case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512:
-                psa_alg = PSA_ALG_RSA_PKCS1V15_CRYPT;
-                break;
-            default:
-                break;
-        }
+        psa_alg = ssl_tls13_select_sig_alg_to_psa_alg( *sig_alg );
 
         if( mbedtls_ssl_sig_alg_is_offered( ssl, *sig_alg ) &&
             mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( *sig_alg ) &&